TECHNOLOGY SUMMARY

The HADES platform is a deception environment that utilizes Software Defined Networks (SDN), cloud computing, dynamic deception, and agentless Virtual Machine Introspection (VMI). These elements fuse to not only create complex, high-fidelity deception networks, but also provide mechanisms to directly interact with the adversary—something current deception products do not facilitate. At the onset of an attack, adversaries are migrated into an emulated deception environment, where they are able to carry out their attacks without any indication that they have been detected or are being observed. HADES then allows the defender to react to adversarial attacks in a methodical and proactive manner by modifying the environment, host attributes, files, and the network itself in real-time. Through a rich set of data and analytics, cybersecurity practitioners gain valuable information about the tools and techniques used by their adversaries, which can then be fed back to the network defender as threat intelligence.

AREA/MATURITY/AWARDS

Primary Application Area: Cyber, AI, Data, Software

Technology Development Status: Prototype

Technology Readiness Level: TRL 6

Vetted Programs/Awards: R&D 100

SHOWCASE SUMMARY

Organization Type: Academic/Gov Lab

Showcase Booth #: 406

Website: https://www.sandia.gov

GOVT/EXTERNAL FUNDING SOURCES